Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/huFxYleYGkti-JH28XySIofv1_Q.roa
File:                     huFxYleYGkti-JH28XySIofv1_Q.roa (raw, json)
Hash identifier:          /t+S1+w6jr2YwsASeuX8Vswk5T858XQ86G+mSePMxow=
Subject key identifier:   86:E1:71:62:57:98:1A:4B:62:F8:91:F6:F1:7C:92:22:87:EF:D7:F4
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       092B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/huFxYleYGkti-JH28XySIofv1_Q.roa
Signing time:             Tue 29 Sep 2020 10:01:33 +0000
ROA not before:           Tue 29 Sep 2020 10:01:33 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     7482
IP address blocks:        223.22.0.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2347 (0x92b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:33 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=86E1716257981A4B62F891F6F17C922287EFD7F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:c9:9d:18:c6:85:33:cd:74:ab:f1:02:88:02:
                    d9:5a:fc:fc:38:c6:01:eb:ca:7c:d5:22:6e:f1:37:
                    5c:dc:ff:55:0e:0d:50:eb:19:64:d5:55:16:c8:7e:
                    a5:5e:77:24:ce:30:6b:dc:e0:e6:72:40:62:7e:ce:
                    9a:d6:26:d5:4b:ad:31:e2:a6:79:95:1f:34:4f:f3:
                    ba:89:02:f3:a4:1e:5f:13:c3:6b:7c:65:26:b2:9b:
                    6c:10:5d:82:ab:81:44:a4:9f:26:fc:75:06:1a:1c:
                    2c:c4:20:ba:b5:55:69:95:41:54:43:ac:cd:e4:3c:
                    e4:62:aa:17:90:18:2d:11:e6:c4:6e:0f:73:0e:a8:
                    e0:4d:7b:8a:70:43:c4:76:ab:d4:d9:4f:e2:f9:d4:
                    03:2b:4d:1a:fc:46:94:3b:91:32:d2:fe:82:31:10:
                    5b:7a:9f:f4:37:a1:70:3b:b5:8b:99:be:23:e3:57:
                    0c:de:16:ce:67:f3:e7:fe:bb:cc:b4:f3:70:8d:cb:
                    96:70:c7:2e:94:e8:10:bc:18:49:5d:f9:a3:08:ef:
                    18:67:ed:08:8a:f4:22:03:08:ef:fe:cb:45:ea:e3:
                    7f:9b:3e:43:d9:ab:ba:0f:5c:9d:3f:68:bd:39:db:
                    64:be:67:14:2c:10:94:25:5f:97:39:01:04:dd:8c:
                    a5:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:E1:71:62:57:98:1A:4B:62:F8:91:F6:F1:7C:92:22:87:EF:D7:F4
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/huFxYleYGkti-JH28XySIofv1_Q.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.22.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         87:13:63:f3:d5:07:a8:0c:38:23:97:da:89:61:09:93:d3:66:
         1c:5d:5e:bc:90:ee:7a:be:7f:3b:af:39:04:61:3b:f7:d1:3a:
         56:8a:5d:cb:ab:8b:d8:35:bf:32:b0:1a:28:42:28:b7:af:a3:
         37:82:96:3c:96:a0:89:95:34:2d:c8:27:21:f5:3b:b5:dd:23:
         eb:aa:8c:3e:63:4b:28:50:42:25:fc:bb:94:5b:a4:83:b4:8e:
         67:aa:f2:8e:1f:19:a4:f0:8b:4a:06:1f:1a:b7:c7:8f:6d:e6:
         59:cb:b3:01:04:78:a5:06:a8:0f:3d:22:75:f0:47:94:dd:75:
         81:2d:c6:82:89:00:e4:e7:d1:d0:f7:e1:1b:e0:a9:dc:0d:b3:
         7e:8b:95:e1:8a:80:ac:7f:8e:68:a8:c4:bf:38:0c:03:d1:08:
         ee:f3:4a:39:e4:fc:27:98:bb:21:45:a9:1e:03:45:c7:b4:85:
         c5:5d:a7:82:b5:91:8c:ab:14:1a:a6:72:d0:a0:ca:aa:28:e2:
         87:3a:57:c3:7f:00:58:c4:7e:69:8f:8d:ad:02:d3:94:77:a2:
         10:fa:40:23:e8:24:d0:38:a8:3a:78:84:3e:98:37:fe:8a:66:
         97:ad:62:4a:53:c6:4e:f8:af:4f:c2:74:4a:55:f9:29:ad:b2:
         15:95:83:61
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCSswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMzNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg2RTE3MTYyNTc5ODFB
NEI2MkY4OTFGNkYxN0M5MjIyODdFRkQ3RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXyZ0YxoUzzXSr8QKIAtla/Pw4xgHrynzVIm7xN1zc/1UODVDr
GWTVVRbIfqVedyTOMGvc4OZyQGJ+zprWJtVLrTHipnmVHzRP87qJAvOkHl8Tw2t8
ZSaym2wQXYKrgUSknyb8dQYaHCzEILq1VWmVQVRDrM3kPORiqheQGC0R5sRuD3MO
qOBNe4pwQ8R2q9TZT+L51AMrTRr8RpQ7kTLS/oIxEFt6n/Q3oXA7tYuZviPjVwze
Fs5n8+f+u8y083CNy5Zwxy6U6BC8GEld+aMI7xhn7QiK9CIDCO/+y0Xq43+bPkPZ
q7oPXJ0/aL0522S+ZxQsEJQlX5c5AQTdjKXfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhuFxYleYGkti+JH28XySIofv1/QwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaHVGeFlsZVlHa3RpLUpIMjhYeVNJ
b2Z2MV9RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBt8WADAN
BgkqhkiG9w0BAQsFAAOCAQEAhxNj89UHqAw4I5faiWEJk9NmHF1evJDuer5/O685
BGE799E6Vopdy6uL2DW/MrAaKEIot6+jN4KWPJagiZU0LcgnIfU7td0j66qMPmNL
KFBCJfy7lFukg7SOZ6ryjh8ZpPCLSgYfGrfHj23mWcuzAQR4pQaoDz0idfBHlN11
gS3GgokA5OfR0PfhG+Cp3A2zfouV4YqArH+OaKjEvzgMA9EI7vNKOeT8J5i7IUWp
HgNFx7SFxV2ngrWRjKsUGqZy0KDKqijihzpXw38AWMR+aY+NrQLTlHeiEPpAI+gk
0DioOniEPpg3/opml61iSlPGTvivT8J0SlX5Ka2yFZWDYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org